Method for setting up QoS supported bi-directional tunnel and distributing L2VPN membership information for L2VPN using extended LDP

ABSTRACT

The present invention presents a method for setting up a QoS (Quality-of-Service) supported bi-directional tunnel and distributing L2VPN (Layer-2 Virtual Private Network) membership information for an L2VPN using an extended LDP (Label Distribution Protocol). In a network providing MPLS based L2VPN service, which includes a plurality of VPN provider edges (PEs), a plurality of VPN customer edges (CEs) connected to the PEs and a VPN DNS (Domain Name Service) server for managing PE information associated with a plurality of VPNs, a PE registers information associated with the VPN DNS server to provide the L2VPN service, and uses the extended LDP for QoS supported bi-directional tunnel setup and the extended LDP for QoS supported L2VPN membership information distribution. A VPN CE needs only a simple Layer-2 connection providing function for the L2VPN service.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a method for setting up a QoS(Quality-of-Service) supported bi-directional tunnel and distributingL2VPN (Layer-2 Virtual Private Network) membership information for anL2VPN using an extended LDP (Label Distribution Protocol), wherein themethod can more readily and efficiently manage L2VPN service andcontinuously provide better QoS in a customer network by extending theLDP to provide the L2VPN service.

2. Description of the Prior Art

MPLS (Multi Protocol Label Switching) is standard technology capable ofimproving the efficiency of a network and readily managing the network.In relation to an OSI (Open Systems Interconnection) basic referencemodel, the MPLS enables most packets to be transferred by Layer-2switching rather than Layer-3 routing, enables traffic to be entirelydistributed so that the traffic can be rapidly processed, and enablesthe network to readily be managed for better QoS (Quality-of-Service).For these reasons, the MPLS is expected to be adopted in a network fortransmitting traffic data of various hybrid traffic types in the future.

The MPLS technology started from obtaining the scalability andflexibility of the Layer-3 routing and a higher performance and trafficmanagement function of the Layer-2 switching by separating dataforwarding and routing. Moreover, the MPLS technology is beingstandardized under the name of GMPLS (Generalized MPLS) as a generalizedcontrol component, which supports recently not only packet switching butalso all of time-division switching, wavelength switching and fiberswitching. As the MPLS/GMPLS technology provides various applications tocontrol the Internet, more interest has been focused on the MPLS/GMPLStechnology. Two representative applications are VPN (Virtual PrivateNetwork) service and traffic engineering service. Instead of serviceprovided through a pre-existing leased line, the VPN service sharesresources of a network of an SP (Service Provider), provides thescalability, stability, flexibility and security of the network, andconnects sites associated with a plurality of private networks. Moreinterest has been focused on the VPN service in that it provides highvalue-added service using the current Internet.

The MPLS/GMPLS technology is a standardized technology proposed toaddress a plurality of disadvantages associated with IP (InternetProtocol) technologies in the pre-existing Internet. Because theconventional IP technologies provide only best effort service throughrouting, they could not provide better QoS/CoS (Class-of-Service)required in transmitting current multimedia traffic data, that is,better QoS of a specific level. Further, in all the IP technologies,only the shortest routing path of all routing paths is first searchedfor according to a shortest path first rule. For this reason, thenetwork could not be efficiently operated through the conventional IPtechnologies. Moreover, where a predetermined node or link of thenetwork is failed, there is a problem in that the network cannot bestably operated because it takes much time to detect the failure througha routing protocol and bypass data to another path.

On the other hand, in comparison with the conventional IP technologies,the MPLS/GMPLS technology can efficiently employ the resources of thenetwork by using the traffic engineering service, which can designate aspecific router to each path. Moreover, there is an advantage in thatthe MPLS/GMPLS technology can support different QoS/CoS according to anLSP (Label Switched Path) being an MPLS/GMPLS path. Thus, the MPLS/GMPLStechnology can provide high quality service differentiated from theconventional technology. Also, there is another advantage in that thetraffic engineering service can be supported for the sake of the networkefficiency. Furthermore, a bypass connection associated with eachconnection can be set in advance, against the failure of a specific nodeor link, thereby stably operating the network.

As the MPLS technology has more merits in comparison with theconventional IP technologies for use in the Internet, more interest andresearch is directed toward MPLS based VPN services in comparison withIP-based VPN services. IP tunneling-based VPN associated with basic VPNservice has excellent security, but it is difficult to support betterQoS in the IP tunneling-based VPN. Further, there is anotherdisadvantage in that extension of the IP tunneling-based VPN isrestricted due to a mesh structure and it is not easy to install andmanage the IP tunneling-based VPN. On the other hand, the MPLS based VPNservice has excellent extensibility and can support differentiated QoS.Moreover, there is another advantage in that the MPLS based VPN caneasily manage services and an operating system in comparison withothers.

ISPs (Internet Service Providers) for providing the VPN service canselect two structures, which include an L2VPN (Layer-2 VPN) and an L3VPN(Layer-3 VPN). Their selections may be different according to technicalsupport capabilities of edge equipment, i.e., a PE (Provider Edge),provided in the conventional ISPS. If the conventional PE has a routingprotocol such as a BGP (Boarder Gateway Protocol) embedded therein androuting capability, it can easily provide the L3VPN service. Otherwise,if the conventional PE does not have the routing capability, it caneasily provide the L2VPN service with low-cost equipment, which does notrequire the routing function. Where the VPN service is provided totransparently connect CE (Customer Edge) sites, which provide Layer-2services such as an ATM (Asynchronous Transfer Mode), frame relay andEthernet, a structure of the L2VPN is more appropriate.

Also, to distribute information associated with a VC (Virtual Circuit)connection being a connection between a PE and a CE to the remote PE,that is, to distribute L2VPN membership information between the PE andCE, a method for employing extension of a routing protocol such as theBGP or OSPF (Open Shortest Path First) has been proposed. However, thismethod needs the routing protocol embedded in the PE equipment by whichthe L2VPN service can be provided. The information distribution can beenabled through the extension of an LDP (Label Distribution Protocol),which can be used for a tunnel between PEs. The information distributioncan be enabled by setting up a target session of the LDP anddistributing a label for a VC connection. At this time, the routingprotocol does not have to be necessarily mounted in the PE equipment.

SUMMARY OF THE INVENTION

The present invention provides a method for setting up a QoS(Quality-of-Service) supported bi-directional tunnel and a method fordistributing L2VPN (Layer-2 Virtual Private Network) membershipinformation between a PE (Provider Edge) and a CE (Customer Edge) usingextension of an LDP (Label Distribution Protocol) being one of signalingprotocols of MPLS (Multi Protocol Label Switching)/GMPLS (GeneralizedMPLS) technologies to provide L2VPN service. The present invention usesMPLS technologies providing various merits to easily set up an essentialQoS supported bi-directional connection when providing Ethernet L2VPNservice through a public network. The present invention can easily andefficiently manage the L2VPN service by extending and providing the LDPbeing one of signaling protocols, and provides an L2VPN control devicecontinuously supporting better QoS/CoS (Class-of-Service) servicesprovided from a customer network. Two types of connections are needed toprovide the L2VPN service. One is a tunnel connection used for searchingfor and accessing termination PE equipment, the other is a VC (VirtualCircuit) connection used for searching for and accessing CE equipmentbeing destination customer edge equipment from PE equipment. The presentinvention includes the extended LDP for setting up a bi-directionaltunnel connection between PEs and a virtual connection between a PE anda VPN CE, that is, for distributing L2VPN membership information. TheLDP is extended to set up the virtual connection and simultaneouslydistribute Layer-2 configuration information to other sites. The presentinvention provides VPN DNS managing information of PEs coupled to apublic network and information of PEs belonging to each VPN group.

Also, to provide the L2VPN service in accordance with the presentinvention, PE equipment includes an L2VPN control device providing VPNDNS of the present invention, an extended LDP for setting up a QoSsupported bi-directional tunnel connection, an extended LDP for labeldistribution associated with a QoS supported virtual connection, i.e.,L2VPN membership information distribution, and a VPN management blockmanaging VPN information. CE equipment needs only a simple Layer-2connection providing function for the L2VPN service.

In addition, the present invention provides a method for setting up atunnel and distributing membership information in an L2VPN (Layer-2Virtual Private Network), the method capable of setting up and releasinga bi-directional connection necessary for transparently providingLayer-2 service, extending and providing an LDP (Label DistributionProtocol) to provide Layer-2 configuration information, and providing,within the VPN, better QoS (Quality-of-Service) associated with an ATM(Asynchronous Transfer Mode) or the Ethernet, which was previouslyprovided within a customer site.

In accordance with one aspect of the present invention, the above andother objects can be accomplished by the provision of a method forsetting up an L2VPN (Layer-2 Virtual Private Network) bi-directionaltunnel using an extended LDP (Label Distribution Protocol) in a networkproviding MPLS (Multi Protocol Label Switching)-based L2VPN service,which includes a plurality of VPN provider edges (PEs), a plurality ofVPN customer edges (CEs) connected to the PEs and a VPN DNS (Domain NameService) server for managing PE information associated with a pluralityof VPNs, comprising the steps of: a) registering corresponding VPNinformation in the VPN DNS server if a CE belonging to a specific VPN isadded to a first PE; b) where the first PE sets up a tunnel for theadded CE, requesting the VPN DNS server to transmit informationassociated with at least one n-th PE belonging to the specific VPN andreceiving the information associated with the at least one n-th PE as aresult of the request; c) allowing the first PE to check whether a basicsession coupled to the n-th PE exists, allowing the first PE to transmita label mapping-request message, simultaneously containing a labeldistributed for a uni-directional tunnel connection and a label request,to the n-th PE after setting up a new basic session if the basic sessioncoupled to the n-th PE exists, and setting up the uni-directional tunnelconnection directed to the first PE from the n-th PE; and d) allowingthe n-th PE, receiving the label mapping-request message from the firstPE, to transmit a label-mapping message having a label to be distributedto the first PE and setting up a uni-directional tunnel connectiondirected to the n-th PE from the first PE.

Here, service provided from the VPN DNS server may be preferablyprovided from a specific PE connected to a VPN sharing network or aspecific server connected to a specific network. Preferably, the PE mayrequest the VPN DNS server to register addition or deletion of acorresponding VPN member where a CE belonging to a specific VPN is addedor deleted to or from the PE, because all the PEs recognize a device (aVPN DNS server, a specific PE or a specific server) providing VPN DNS.

Preferably, the label mapping-request message contained in the step c)may include a label for a uni-directional tunnel connection directed tothe first PE transmitting the message from the at least one n-th PEreceiving the message, and a label distribution request for a reversetunnel connection. Preferably, the label mapping-request message may usean extended LDP including a sender's FEC (Forwarding Equivalence Class)TLV (Type-Length-Value) containing FEC being an interface address of thefirst PE transmitting the message having a request for labeldistribution in a reverse direction.

In accordance with another aspect of the present invention, there isprovided a method for distributing L2VPN (Layer-2 Virtual PrivateNetwork) membership information using an extended LDP (LabelDistribution Protocol) in a network providing MPLS (Multi Protocol LabelSwitching)-based L2VPN service, which includes a plurality of VPNprovider edges (PEs), a plurality of VPN customer edges (CEs) connectedto the PEs and a VPN DNS (Domain Name Service) server for managing PEinformation associated with a plurality of VPNs, comprising the stepsof: a) registering corresponding VPN information in the VPN DNS serverif a CE belonging to a specific VPN is added to a first PE; b) settingup a tunnel connection between the PEs belonging to the specific VPN; C)requesting the VPN DNS server to transmit information associated with atleast one n-th PE belonging to the specific VPN to which the CE belongsso that the first PE can distribute L2VPN membership informationassociated with the added CE, and receiving the information associatedwith the at least one n-th PE as a result of the request; d) allowingthe first PE to check whether a target session coupled to the n-th PEexists, allowing the first PE to distribute the membership informationassociated with the added CE to the n-th PE after setting up a newtarget session if the target session coupled to the n-th PE does notexist, and transmit a label mapping-request message having a labelrequest for distributing membership information belonging to acorresponding VPN; and e) allowing the n-th PE, receiving the labelmapping-request message from the first PE, to distribute the membershipinformation belonging to the VPN connected to its own PE through alabel-mapping message, thereby extending the LDP and distributing L2VPNmembership information between the PE and the CE.

As described above, the extended LDP may be used for L2VPN membershipinformation distribution between the PE and the CE and a request fordistributing membership information belonging to a VPN group coupled tothe at least one n-th PE.

Where a CE belonging to a specific VPN is added or deleted to or fromthe PE, the PE requests the VPN DNS server to register or release theVPN group information associated with the added CE, and the CE sets upor releases a Layer-2 connection directed to the PE.

Where a new CE is added to the PE, the label mapping-request messagecontained in the step d) may include a label for membership informationdistribution associated with the added CE, and a distribution requestfor membership information belonging to the same VPN coupled to the n-thPE receiving the message. The label mapping-request message is of a typeof a message including a label distribution request, or uses a formatadditionally including a receiver's VC (Virtual Circuit) label requestTLV (Type-Length-Value) being specific TLV.

Preferably, the label mapping-request message and the label-mappingmessage used for the L2VPN membership information distribution mayinclude VPN FEC (Forwarding Equivalence Class) TLV indicating FECassociated with the membership information, and the VPN FEC may includeinformation (VPN ID) indicating a VPN to which a corresponding CEbelongs, information of an output port connected to a corresponding CEfrom the PE, and information associated with a Layer-2 connection forthe PE and the CE.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other objects, features and other advantages of thepresent invention will be more clearly understood from the followingdetailed description taken in conjunction with the accompanyingdrawings, in which:

FIG. 1 is a view illustrating pieces of equipment necessary for an L2VPN(Layer-2 Virtual Private Network) and a connection between the pieces ofequipment in accordance with the present invention;

FIG. 2 is a view illustrating a configuration of an MPLS (Multi ProtocolLabel Switching) based Ethernet-L2VPN in accordance with an embodimentof the present invention;

FIG. 3 is a view illustrating contents of management information of aVPN DNS (Domain Name Service) server in the VPN shown in FIG. 2;

FIG. 4 is a view illustrating a configuration of the VPN for carryingout a procedure of setting up a bi-directional tunnel connection betweenPEs (Provider Edges) in accordance with an embodiment of the presentinvention;

FIG. 5 is a view illustrating a format of a label mapping-requestmessage used for an LDP (Label Distribution Protocol) extended to set upa bi-directional tunnel connection between the PEs (Provider Edges) inaccordance with an embodiment of the present invention;

FIG. 6 is a view illustrating a configuration of the VPN for carryingout a procedure of distributing L2VPN membership information between aPE and a CE (Customer Edge);

FIG. 7 is a view illustrating a format of a label mapping-requestmessage used for an extended LDP to distribute L2VPN membershipinformation between a PE and a CE in accordance with an embodiment ofthe present invention; and

FIG. 8 is a view illustrating a format of a VPN FEC (ForwardingEquivalence Class) TLV (Type-Length-Value) used in a labelmapping-request message for distributing VPN membership information.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

Now, preferred embodiments of the present invention will be described indetail with reference to the annexed drawings.

FIG. 1 is a view illustrating pieces of equipment necessary for an L2VPN(Layer-2 Virtual Private Network) and a structure of a connectionbetween the pieces of equipment in accordance with the presentinvention. As shown in FIG. 1, pieces of equipment basically needed toprovide MPLS (Multi Protocol Label Switching)-based VPN service includePE (Provider Edge) equipment 10 being edge equipment of an ISP (InternetService Provider) providing VPN service and CE (Customer Edge) equipment11 provided in a customer site. The L2VPN service in accordance with thepresent invention is basically implemented by the PE equipment 10, andthe PE equipment 10 can control the L2VPN service. The CE equipment 11simply sets up only a Layer-2 connection directed to the PE equipment 10in order to be registered in a specific VPN. That is, the PE equipment10 provides an extended LDP (Label Distribution Protocol) of the presentinvention, and has a function capable of setting up a QoS supportedbi-directional connection and a function capable of distributingmembership information. The CE equipment 11 does not need an MPLSsignaling function, a routing function, etc., and can set up aconnection using equipment having a simple function. There are a tunnelconnection 12 used for searching for and accessing the termination PEequipment 10 in order to arrive at a destination and a VC (VirtualCircuit) used for searching for and accessing a CE equipment 11, whichis a destination customer edge equipment, from the termination PEequipment 10. To readily set up the connection, the PE equipment 10 hasa VPN DNS (Domain Name Service) function embedded therein, or uses thefunction.

FIG. 2 is a view illustrating a configuration of an MPLS basedEthernet-L2VPN in accordance with an embodiment of the presentinvention. As shown in FIG. 2, the MPLS based Ethernet-L2VPN basicallyincludes pieces of PE equipment 21 and 22 and a plurality of pieces ofCE equipment 23 to 28 provided in customer sites so that the VPN servicecan be provided. Moreover, the MPLS based Ethernet-L2VPN may include aVPN DNS server 20 for providing the VPN DNS function. A tunnelconnection is set up between the termination PE1 21 and the terminationPE2 22, and the termination PE1 and PE2 21 and 22 are connected to thepieces of CE equipment 23 to 28 by a VC connection. At this time, aspecific server coupled to the VPN may carry out the VPN DNS function.Alternatively, specific PE equipment of a shared network may carry outthe VPN DNS function. Hereinafter, the VPN DNS service in accordancewith the present invention will be briefly described. Contents ofmanagement information associated with the VPN DNS include a VPN ID(e.g., Route Distinguisher from RFC 2547), a PE membership list (e.g.,PE IP address/netmask), a CE membership list (e.g., VC connectioninformation), etc. as membership information of the VPN. A tableassociated with the VPN DNS management information is shown in FIG. 3.Referring to FIG. 3, where the VPN ID is VPN 1 (10:1), a PE membershiplist of the VPN includes PE1 and PE2, and an IP address/netmask of thePE1 and an IP address/netmask of the PE2 are “10.10.10.1/255.255.255.0”and “20.20.20.1/255.255.255.0”, respectively. A list of CE membersconnected to the PE1 includes a CE11 and a CE12. Connection informationassociated with the CE11 and the CE12, i.e., VC connection informationassociated with the CE11 and CE12 are “Port1, VLAN ID 10” and “Port2,VLAN ID 20”, respectively. A list of CE members connected to the PE2includes a CE21, and connection information for the CE2, i.e., VCconnection information associated with the CE2 is “Port3, VLAN ID 10”.Those skilled in the art will appreciate that the VPN DNS managementinformation shown in FIG. 3 is exemplary and the present invention isnot limited thereto.

According to addition or deletion of information of a VPN groupconnected to each PE 21 or 22, the PE 21 or 22 should registercorresponding information in the equipment providing the VPN DNS orrelease the registration of the corresponding information from theequipment. Where a tunnel should be set up, the VPN DNS information isused for identifying information of other PEs belonging to the same VPNto which a corresponding PE should set up the tunnel. The VPN DNSinformation is also used for identifying information of PE memberswithin the same VPN and setting up a target session by a LDP (LabelDistribution Protocol) to implement the distribution of labelinformation for the VC connection, i.e., the distribution of L2VPNmembership information.

Hereinafter, a description will be given of a procedure of carrying outthe extended label distribution to set up a bi-directional tunnelbetween PEs. In the setup of the bi-directional tunnel connectionbetween the PEs, the PEs can be connected to the tunnel one by one, orVPN groups between the PEs can be connected to the tunnel one by one.Alternatively, three experimental bits of an LSP label can bedifferently set and a plurality of QoS supported tunnels can be set upso that a QoS based tunnel can be set up between the PEs. Alternatively,the plurality of QoS supported tunnels can be connected to each VPNgroup between the PEs.

A case where one tunnel connection between the PEs among the varioustypes of tunnel connections is set up will be described with referenceto FIG. 4. FIG. 4 is a view explaining a procedure of setting up abi-directional tunnel connection between PEs in accordance with anembodiment of the present invention. FIG. 4 shows a case where a CE31 44belonging to the VPN1 is added to a PE3 43 in the MPLS basedEthernet-L2VPN shown in FIG. 2. First, the CE31 44 belonging to the VPN1is added to the PE3 43, and a Layer-2 connection is set up between thePE3 43 and the CE31 44 (401). Thus, the PE3 43 registers correspondingaddition information in the VPN DNS server 40 placed in the sharednetwork and requests the VPN DNS server 40 to transmit informationassociated with other PEs placed in the network (402). As a result, thePE3 43 obtains information associated with the PE1 41 and the PE2 42placed in the network from the VPN DNS server 40 (403). The PE3 43checks whether a basic session between the PE1 41 and the PE3 43 exists.If the basic session between the PE1 41 and the PE3 43 does not exist,the PE3 43 transmits a label mapping-request message having adistributed label and a label request to the PE1 41 after setting up anew session to the PE1 41 (404). And then a uni-directional tunnelconnection directed to the PE3 43 from the PE1 41 is then set up (405).Similarly, the PE3 43 checks whether a basic session between the PE2 42and the PE3 43 exists. If the basic session between the PE2 42 and thePE3 43 does not exist, the PE3 43 transmits a label mapping-requestmessage to the PE2 42 after setting up a new session coupled to the PE242 (406). And then a uni-directional tunnel connection directed to thePE3 43 from the PE2 42 is then set up (407). Moreover, the PE1 41,receiving the label mapping-request message from the PE3 43, transmits alabel-mapping message having a label distributed to the PE3 43 (408).Through the transmission of the label-mapping message, a uni-directionaltunnel connection directed to the PE1 41 from the PE3 43 is then set up(409). Similarly, the PE2 42, receiving the label mapping-requestmessage from the PE3 43, transmits a label-mapping message having alabel distributed to the PE3 43 (410). A tunnel connection directed tothe PE2 42 from the PE3 43 is set up (411). Thus, a bi-directionaltunnel connection between the PEs can be set up by transmitting twocontrol messages between the PEs.

A method for releasing the bi-directional tunnel setup can be carriedout by transmitting a label withdrawal message and a label releasemessage to each PE as in the pre-existing LDP. The tunnel release methodis the same as the pre-existing LDP release procedure. In short, whereall CEs belonging to a specific VPN are separated from a first PE, abi-directional tunnel release method similar to the pre-existing LDPtransmits, to each n-th PE (n is a positive integer more than “1”), alabel withdrawal message used for a uni-directional tunnel directed tothe first PE from each n-th PE and then transmits, to each n-th PE, alabel release message used for a uni-directional tunnel directed to thefirst PE from each n-th PE.

A format of an exemplary label mapping-request message being a newmessage of an extended LDP to set up the bi-directional tunnel describedabove is shown in FIG. 5. That is, FIG. 5 is a view illustrating aformat of a label mapping-request message used for an extended LDP toset up a bi-directional tunnel connection between the PEs in accordancewith an embodiment of the present invention. As shown in FIG. 5, thelabel mapping-request message with a formation basically similar to thatof the label-mapping message further includes a sender's FEC (ForwardingEquivalence Class) TLV (Type-Length-Value) so that an LER (Label EdgeRouter) receiving the message can carry out the label distribution toanother LER transmitting the message. Because the sender's FEC TLVcontains FEC information being an interface address of the LERtransmitting the message, the LER receiving the message can carry outthe label distribution using the FEC information contained in thesender's FEC TLV. In the newly added sender's FEC TLV, first and secondbits being “U” and “F” bits are set as “1” so that an LSR (LabelSwitched Router) can ignore the TLV and carry out message forwarding,and a value of a TLV type is newly allocated or uses one ofvendor-private TLV values.

If a downstream-on-demand distribution mode is carried out in thepre-existing LDP rather than the extended LDP in accordance with thepresent invention, the transmissions of four control messages are neededto set up a bi-directional tunnel connection between PEs and membershipinformation setting is additionally needed in both PEs. Moreover, if adownstream-unsolicited distribution mode is carried out in thepre-existing LDP, the transmissions of two control messages are needed,and additional work is needed for adding, to the PE1 and the PE2, thesame as information indicating that the CE31 has been added to the PE3so that a connection directed to the PE3 from the PE1 or PE2 can be setup. On the other hand, if additional membership information associatedwith a CE belonging to a specific VPN group is set in a PE according tothe extended LDP of the present invention, there is an advantage in thata bi-directional tunnel connection can be automatically set up betweenthe PE and other PEs.

A procedure of setting up one tunnel between PEs as described above isapplicable to various types of tunnels capable of setting up a pluralityof connections between the PEs. That is, where a tunnel is set up toevery VPN group between the PEs, the VPN DNS server is requested totransmit a list of PE members belonging to a corresponding VPN group,and then the tunnel connection setup can be carried out by theabove-described procedure.

Hereinafter, a description will be given of a procedure of carrying outthe extended LDP to perform a VC connection setup between a PE and a CE,and membership information distribution associated with the VCconnection setup. A VC connection between the PE and the CE is aconnection used so that the PE can search for a Layer-2 connectiondirected to the CE in which a destination system is placed in order toarrive at the destination system. The VC connection informationdistribution can be referred to as L2VPN membership informationdistribution directed to the PE. A label distribution procedureassociated with the VC connection will be described with reference toFIG. 6. FIG. 6 is a view illustrating a procedure of distributing L2VPNmembership information between a PE and a CE. FIG. 6 shows a case wherethe CE31 belonging to the VPN1 is added to the PE3 in the MPLS basedEthernet-L2VPN shown in FIG. 2. An example shown in FIG. 6 illustrates acase where a CE belonging to a specific VPN group is first added to onePE. Here, it is assumed that a tunnel connection between PEs is set upby the above-described tunnel setup procedure. First, a CE31 64belonging to the VPN1 is added to a PE3 63, and a Layer-2 connection isset up between the PE3 63 and the CE31 64 (601). The PE3 63 thenrequests a VPN DNS server 60 placed in a shared network to transmitinformation of other PEs belonging to a corresponding VPN group 1 (602).As a result, the PE3 63 obtains information associated with a PE1 61 anda PE2 62 being the other PEs from the VPN DNS server 60 (603). The PE363 then checks whether a direct target session between the PE1 61 andthe PE3 63 exists. If the direct target session between the PE1 61 andthe PE3 63 does not exist, the PE3 sets up a new session. The PE3 63then distributes a label, for a VC connection directed to the CE31, tothe PE1 61 and then simultaneously transmits the label mapping-requestmessage including a label request to the PE1 61 so that the PE3 63 candistribute label information associated with a VC connection belongingto a corresponding VPN group 1 coupled to the PE1 61 (604). Similarly,the PE3 63 checks whether a direct target session between the PE2 62 andthe PE3 63 exists. If the direct target session between the PE2 62 andthe PE3 63 does not exist, the PE3 63 sets up a new session and thentransmits, to the PE2 62, a label mapping-request message having a labelfor the VC connection and a label request associated with VC connectionsbelonging to a corresponding VPN group 1 coupled to the PE2 (605). ThePE1 61 and the PE2 62, receiving the label mapping-request message,distribute VC connection information belonging to the VPN group 1coupled to each piece of equipment through a label-mapping message (606and 607). Thus, when a new CE is added to a specific VPN, VC connectioninformation associated with each PE can be distributed through twocontrol messages between the PEs.

Where a CE belonging to a specific VPN group is first added to one PE, alabel request is achieved in relation to a connection previously set upthrough the label distribution, because other PEs coupled to the CEbelonging to the VPN have already carried out the label distributionassociated with a corresponding VC connection.

A change of L2VPN membership information between the PE and the CE,i.e., a specific membership information release method can be carriedout by transmitting a label withdrawal message to each PE as in thepre-existing LDP. In other words, where a specific CE is deleted from afirst PE, the membership information change, i.e., the specificmembership information release method can be carried out by transmittingthe label withdrawal message to respective n-th PEs as in thepreexisting LDP.

A format of an exemplary label mapping-request message used for thelabel distribution associated with the above-described VC connection isshown in FIG. 7. That is, FIG. 7 is a view illustrating a format of alabel mapping-request message used for an extended LDP to distributeL2VPN membership information between a PE and a CE in accordance with anembodiment of the present invention. A message of the present inventionuses the same form as the label-mapping message used for thepre-existing LDP like a message type 1 shown in FIG. 7, sets only avalue of a specific message type to a specific value indicating thelabel mapping-request message and uses it. Alternatively, like a messagetype 2, a message of the present invention further includes a receiver'sVC label request TLV indicating a label distribution request associatedwith a VC connection belonging to a specific VPN of a PE receiving themessage. Here, VPN group information can be obtained from VPN IDinformation of FEC TLV. Further, because the FEC TLV of the labelmapping-request message should contain FEC information associated with acorresponding VC connection, the label mapping-request messagecontaining the VPN FEC TLV shown in FIG. 8 is transmitted. FIG. 8 is aview illustrating a format of a VPN FEC TLV used in a labelmapping-request message for distributing VPN membership information. TheVPN FEC TLV includes information (VPN ID) indicating a VPN groupbelonging to a corresponding CE, information of an output port directedto a corresponding CE from a PE, and Layer-2 connection information forthe PE and the CE. The Layer-2 connection information varies accordingto a type of a customer network. Where the customer network is anEthernet network, the Layer-2 connection information can be a VLAN(Virtual Local Area Network) ID. Where the customer network is an ATMnetwork, the Layer-2 connection information can be a VPI (Virtual PathIdentifier)/VCI (Virtual Channel Identifier). Where the customer networkis a frame relay network, the Layer-2 connection information can be aDLCI (Data Link Connection Identifier).

However, where a PE having a CE belonging to a specific VPN group isconnected to another CE, a label-mapping message including the VPN FECTLV instead of a label mapping-request message is transmitted when alabel for a corresponding connection is distributed.

Here, the above-described label release method associated with the VCconnection, i.e., the membership information change method can becarried out by transmitting a label withdrawal message to each PE as inthe pre-existing LDP.

As described above, in the connection setup and label distributionprocedures, a tunnel connection and a VC connection can be set up as aQoS/CoS supported connection. For this connection setup, threeexperimental bits of a label distributed by the LDP may be used. If acustomer network associated with a VPN connected to a PE supportsLayer-2 QoS based on 802.1p to an Ethernet network, three priority bitsbased on 802.1p of a corresponding VLAN tag are mapped to the threeexperimental bits of a label and distributes the mapped label, therebyproviding transparent QoS/CoS services through the VPN. Similarly, wherethe customer network associated with a VPN coupled to a CE is the ATMnetwork, QoS information of a corresponding ATM network is mapped tothree experimental bits of a label and distributes the mapped label,thereby providing transparent QoS/CoS services through the VPN.

The present invention can provide a simple configuration with variousmerits and an easy setup procedure, and efficiently provide L2VPNservice by implementing an L2VPN control function so that a tunnelconnection and a VC connection can be provided using MPLS technologieshaving various merits and transparent LAN service of QoS/CoS supportedin a customer network can be provided.

Further, an L2VPN control service function provided in the presentinvention is included in PE equipment and label distribution can easilycarried out in relation to a tunnel connection and a VC connectionthrough minimum LDP message transmissions.

Furthermore, the present invention can provide a QoS/CoS supportedbi-directional connection, and CE equipment of the present inventionneeds a simple Layer-2 connection providing a specific VPN connectionfunction, thereby providing simplicity of an essential function.

Although the preferred embodiments of the present invention have beendisclosed for illustrative purposes, those skilled in the art willappreciate that various modifications, additions and substitutions arepossible, without departing from the scope and spirit of the inventionas disclosed in the accompanying claims.

1. A method for setting up an L2VPN (Layer-2 Virtual Private Network)bi-directional tunnel using an extended LDP (Label DistributionProtocol) in a network providing MPLS (Multi Protocol Label Switching)based L2VPN service, which includes a plurality of VPN provider edges(PEs), a plurality of VPN customer edges (CEs) connected to the PEs anda VPN DNS (Domain Name Service) server for managing PE informationassociated with a plurality of VPNs, comprising the steps of: a)registering corresponding VPN information in the VPN DNS server if a CEbelonging to a specific VPN is added to a first CE; b) where the firstPE sets up a tunnel for the added CE, requesting the VPN DNS server totransmit information associated with at least one other PE belonging tothe specific VPN and receiving the information associated with the atleast one other PE as a result of the request; c) allowing the first PEto check whether a basic session between the other PE and the first PEexists, allowing the first PE to set up a new basic session for theother PE to transmit a label mapping-request message, simultaneouslycontaining a label distributed for a uni-directional tunnel connectionand a label request, to the other PE if the basic session between theother PE and the first PE dose not exist, and setting up theuni-directional tunnel connection directed to the first PE from theother PE; and d) allowing the other PE, receiving the labelmapping-request message from the first PE, to transmit a label-mappingmessage having a label to be distributed to the first PE and setting upa uni-directional tunnel connection directed to the other PE from thefirst PE.
 2. The method according to claim 1, wherein service providedfrom the VPN DNS server is provided from a specific PE connected to aVPN sharing network or a specific server connected to a specificnetwork.
 3. The method according to claim 1, wherein the PE requests theVPN DNS server to register addition or deletion of a corresponding VPNmember where a CE belonging to a specific VPN is added or deleted to orfrom the PE, because the PE recognizes a device providing VPN DNS. 4.The method according claim 1 wherein the CE sets up or releases aLayer-2 connection directed to the PE where a CE belonging to a specificVPN is added or deleted to or from the PE.
 5. The method according toclaim 1, wherein the label mapping-request message contained in the stepc) includes a label for a uni-directional tunnel directed to the firstPE transmitting the message from the at least one other PE receiving themessage, and a label distribution request for a reverse tunnel.
 6. Themethod according to claim 5, wherein the label mapping-request messageuses an extended LDP including a sender's PEC (Forwarding EquivalenceClass) TLV (Type-Length-Value) containing PEC being an interface addressof the first PE transmitting the message having a request for labeldistribution in a reverse direction.
 7. The method according to claim 1,wherein a tunnel setup between the PEs is achieved by a QoS(Quality-of-Service)/CoS (Class-of-Service) supported connection throughextended label distribution.
 8. The method according to claim 7, whereinQoS/CoS services are provided by mapping three experimental bits of alabel distributed by the LDP to priority information provided by acustomer network and distributing the label.
 9. A method fordistributing L2VPN (Layer-2 Virtual Private Network) membershipinformation using an extended LDP (Label Distribution Protocol) in anetwork providing MPLS (Multi Protocol Label Switching) based L2VPNservice, which includes a plurality of VPN provider edges (PEs), aplurality of VPN customer edges (CEc) connected to the PEs and a VPN DNS(Domain Name Service) server for managing PE information associated witha plurality of VPNs, comprising the steps of: a) registeringcorresponding VPN information in the VPN DNS server if a CE belonging toa specific VPN is added to a first PE; b) setting up a tunnel connectionbetween the PEs belonging to the specific VPN; c) requesting the VPN DNSserver to transmit information associated with at least one other PEbelonging to the specific VPN to which the CE belongs so that the firstPE can distribute L2VPN membership information associated with the addedCE, and receiving the information associated with the at least one otherPE as a result of the request; d) allowing the first PE to check whethera target session between the other PE and the first PE exists, allowingthe first PE to set up a new target session for the other PE todistribute the membership information associated with the added CE tothe other PE if the target session between the other PE and tile firstPE does not exist, and transmit, to the other PE, a labelmapping-request message having a label request for distributingmembership information belonging to a corresponding VPN; and e) allowingthe other PE, receiving the label mapping-request message from the firstPE, to distribute the membership information belonging to the VPNconnected to its own PE through a label-mapping message, therebyextending the LDP and distributing L2VPN membership information betweenthe PE and the CE.
 10. The method according to claim 9, wherein serviceprovided from the VPN DNS server is providedfrom a specific PE connectedto a VPN sharing network or a specific server connected to a specificnetwork.
 11. The method according to claim 9, wherein the PE requeststhe VPN DNS server to register addition or deletion of a correspondingVPN member where a CE belonging to a specific VPN is added or deleted toor from the PE, because the PE recognizes a device providing VPN DNS.12. The method according to claim 9, wherein the CE sets up or releasesa Layer-2 connection directed to the PE where a CE belonging to aspecific VPN is added or deleted to or from the PE.
 13. The methodaccording to claim 9, wherein the label mapping-request messagecontained in the step d) includes a label distribution for membershipinformation distribution associated with the added CE, and adistribution request for membership information belonging to the sameVPN coupled to the other PE receiving the message.
 14. The methodaccording to claim 13, wherein the label mapping-request message is of atype of a message including a label distribution request, or uses aformat additionally including a receiver's VC (Virtual Circuit) labelrequest TLV (Type-Length-Value) being specific TLV.
 15. The methodaccording to claim 9, wherein the label mapping-request message and thelabel-mapping message used for the L2VPN membership informationdistribution include VPN PEC (Forwarding Equivalence Class) TLVindicating PEC associated with the membership information, and die VPNPEC includes information (VPN ID) indicating a VPN to which acorresponding CE belongs, information of an output port connected to acorresponding CE from the PE, and information associated with a Layer-2connection for the PE and the CE.
 16. The method according to claim 9,wherein the step e) further includes a step of: e1) allowing the atleast one other PE to transmit, to the first PE, a label-mapping messagefor distributing membership information associated with a VC connectionbelonging to a corresponding VPN group connected to its own PE and carryout label distribution.
 17. The method according to claim 9, wherein avirtual connection between the PE and the CE is set up as a QoS(Quality-of-Service)/CoS (Class-of-Service) supported connection throughextended label distribution.
 18. The method according to claim 17,wherein QoS/CoS services are provided by mapping three experimental bitsof a label distributed by the LDP to priority information provided by acustomer network and distributing the label.